The following error appears while installing an SSL certificate from a private CA by copying and pasting it in the Paste SSL Digital Certificatebox on the VIP Enterprise Gateway under Settings > SSL Certificate.
Failed to add SSL Certificate.
Broken chain. Signature fails on [CN=xxx, DC=xxx, DC=xxx, DC=com]
The error can occur if a CSR is generated from the VIP Enterprise Gateway, then submitted to a private CA for a certificate. Or, when importing a certificate without adding the private CA chain into the VIP Enterprise Gateway.
Import the appropriate root and intermediate certificates for the private CA chain into the VIP Enterprise Gateway Settings → Trusted CA Certificate → Add Certificate.
Restart the VIP Enterprise Gateway Service from the Windows/Linux services console.
If the CSR was generated from the VIP Enterprise Gateway: > Select Install, then paste the SSL Digital Certificate you received into the form. No extra spaces or line breaks should be included. > Click Submit to add the SSL Certificate.
If the CSR was not generated from the VIP Enterprise Gateway: > Select SSL Certificate → Add SSL Certificate, then choose Import SSL Certificate. Choose the file, correct password, and a cert alias. > Click Submit to add the SSL Certificate.
Imported Document ID: SO19345
Subscribing will provide email updates when this Article is updated. Login is required.